我正在嘗試撰寫一個 Linux 用戶空間程式來打開一個 TUN 介面并為其分配一個 IPv4 地址和一個網路掩碼。分配 IP 地址可以正常作業,但設定網路掩碼會導致標題錯誤(如果perror之后立即呼叫)。這是一個展示問題的代碼片段:
int tun_open(char *tun_name)
{
int tun_fd;
if ((tun_fd = open("/dev/net/tun", O_RDWR)) == -1) {
return -1;
}
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
if (ioctl(tun_fd, TUNSETIFF, &ifr) == -1) {
close(tun_fd);
return -1;
}
strncpy(tun_name, ifr.ifr_name, IFNAMSIZ);
return tun_fd;
}
int tun_assign_addr(int tun_fd,
char const *tun_name,
char const *tun_addr,
char const *tun_netmask)
{
struct sockaddr_in addr;
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, tun_name, IFNAMSIZ);
ifr.ifr_addr = *(struct sockaddr *)&addr;
int s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0);
if (inet_pton(addr.sin_family, tun_addr, &addr.sin_addr) != 1)
return -1;
if (ioctl(s, SIOCSIFADDR, &ifr) == -1)
return -1;
if (inet_pton(addr.sin_family, tun_netmask, &addr.sin_addr) != 1)
return -1;
if (ioctl(s, SIOCSIFNETMASK, &ifr) == -1) {
perror(">>> ERROR HERE <<<")
return -1;
}
return 0;
}
int main()
{
int tun_fd;
char tun_name[IFNAMSIZ];
assert(tun_open(tun_name) != -1);
assert(tun_assign_addr(tun_fd, tun_name, "10.0.0.0", "255.255.255.0") != -1);
}
在對內核代碼進行了一些挖掘之后(我在5.14.14),這似乎一定是因為bad_mask簽入了net/ipv4/devinet.c:1214. 但是,如果我bad_mask從include/linux/inetdevice.h網路掩碼上手動運行,它會false按預期回傳。
這里到底發生了什么?
uj5u.com熱心網友回復:
你分配的“內容”addr到ifr_addr 之前設定的地址,像網路掩碼的IP地址。因此,您將 NULL 發送到 ioctl 以獲取 IP,然后將 NULL 發送到 MASK。該inet_pton只觸摸addr,不然后更改ifr.ifr_addr。
這是更正后的代碼:
int tun_assign_addr(int tun_fd,
char const *tun_name,
char const *tun_addr,
char const *tun_netmask)
{
struct sockaddr_in addr,mask;
memset(&addr, 0, sizeof(addr));
memset(&mask, 0, sizeof(mask));
addr.sin_family = AF_INET;
mask.sin_family = AF_INET;
struct ifreq ifr;
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, tun_name, IFNAMSIZ);
int s = socket(addr.sin_family, SOCK_DGRAM, 0);
if (inet_pton(addr.sin_family, tun_addr, &addr.sin_addr) != 1)
return -1;
ifr.ifr_addr = *(struct sockaddr *)&addr;
if (ioctl(s, SIOCSIFADDR, &ifr) == -1) {
perror(">>> ERROR HERE ADD <<<");
return -1;
}
if (inet_pton(mask.sin_family, tun_netmask, &mask.sin_addr) != 1)
return -1;
ifr.ifr_netmask = *(struct sockaddr *)&mask;
if (ioctl(s, SIOCSIFNETMASK, &ifr) == -1) {
perror(">>> ERROR HERE MSK <<<");
return -1;
}
return 0;
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/net/406069.html
標籤: